Closed mvdan closed 6 years ago
mvdan
commented
6 years ago If you want to reproduce this:
git clone https://github.com/mvdan/zstd
git checkout tmp-break-inv
./buildThe HEAD commit in that branch is what replaces the number with the constant name.
mvdan
commented
6 years ago Thanks for the fix!
mvdan
commented
6 years ago @nigeltao playing with this new feature, I hit a fun "cannot prove" error:
check: cannot prove "i <= 131072": cannot prove "block_size <= 131072": failed at decode.wuffs:86. Facts:
max_block_size == 131072
block_size <= max_block_size
i < block_sizeThe code in question looks like:
var i u32
while i < block_size,
inv max_block_size == 131072,
inv block_size <= max_block_size {
assert i <= max_block_size via "a <= b: a <= c; c <= b"(c:block_size)
i += 1
}Shouldn't this work? Or what am I missing?
mvdan
commented
6 years ago Ignore my comment above - I wasn't actually running the compiler on that assertion.
Apologies if this bug report is lacking any information or if I missed anything obvious. But I've been playing with this for over twenty minutes, and I cannot figure it out.
I have a piece of code:
And this gets an error:
It seems to me like from those facts, I should be able to prove that
i <= 131072, since131072 == maxBlockSizeandi <= maxBlockSize. However, I don't seem to be able to. I have tried multiple asserts, includingassert maxBlockSize == 131072andassert i <= 131072 via "a <= b: a <= c; c == b"(c:maxBlockSize).Here's why I think this is a bug in Wuffs - if I replace all uses of
maxBlockSizewith131072, the bounds error disappears.